Which two default settings for port security are true ？____答案

【多选题】

Which two default settings for port security are true ？___

A. Violation is Protect

B. Violation is Restrict

C. Violation is Shutdown

D. Maximum number of MAC addresses is 2

E. Maximum number of MAC addresses is 1

查看试卷，进入试卷练习

微信扫一扫，开始刷题

答案

解析

暂无解析

相关试题

【多选题】

Which two are characteristics of RADIUS？___

A. Uses UDP ports 1812 /1813

B. Uses TCP port 49

C. Uses UDP port 49

E. ncrypts only the password between user and server

查看答案解析

【多选题】

When setting up a site-to-site VPN with PSK authentication on a Cisco router， which two elements must be configured under crypto map？___

A. pfs

B. nat

C. reverse route

D. peer

E. transform-set

查看答案解析

【多选题】

When using the Adaptive Security Device Manager（ASDM), which two options are available to add a new root certificate？___

A. Install from SFTP server

B. Usehttps

C. Install from a file

D. Use LDAP

E. Use SCEP

查看答案解析

【多选题】

Which two SNMPv3 services support its capabilities as a secure networ k manage protocol？ ___

A. access control

B. the shared secret key

C. authentication

D. authorization

E. accounting

查看答案解析

【多选题】

Which two statements about routed firewall mode are true ？___

A. The firewall acts as a routed hop in the network

B. This mode conceals the presence of the firewall

C. The firewall requires a unique iP address for each interface

D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default， this mode permits most traffic to pass throug

查看答案解析

【多选题】

Which two statements describe DHCP spoofing attacks？___

A. They are used to perform man-in- the-middle attacks

B. They can access most network devices

C. They can modify the flow of traffic in transit. LNGKAIG

D. They protect the identity of ti attacker by masking the DHCP address

E. They can physically modify the network gateway

查看答案解析

【多选题】

Which two types of VLANs using PVLANs are valid？___

A. isolated

B. promiscuous

C. backup

D. secondary

E. community

查看答案解析

【多选题】

What are two limitations of the self-zone policies on a zone-based firewall？___

A. They are unable to block Https traffic

B. They restrict SNMP traffic.

C. They are unable to support Https traffic

D. They are unable to implement application inspection

E. They are unable to perform rate limiting

查看答案解析

【多选题】

Which two descriptions of TACACS+ are true？ ___

A. The TACACS+ header is unencrypted

B. It combines a uthentication and authorization

C. It uses TCP as its transport protocol

D. Only the password is encrypted.

E. It uses UDP as its transport protocol.

查看答案解析

【多选题】

Which two actions does an IPS perform？ ___

A. it spans the traffic

B. it reflects the traffic back to the sender

C. it encrypts the traffic

D. it terminates the user session or connection of the attacker

E. it reconfigures a device to block the traffic

查看答案解析

【多选题】

In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email， IM or communication channels ?___

A. phishing

B. Smurfit

C. Hacking

D. Identity Spoofing

查看答案解析

【多选题】

Which two ESA services are available for incoming and outgoing mails ？___

A. anti-DoS

B. reputation filter

C. antispam

D. content filter

E. DLP

查看答案解析

【多选题】

What are two reasons to recommend SNMPv 3 over SNMPv2？___

A. SNMPv3 is secure because you can configure authe ntication and privacy

B. SNMPv3 is insecure because it send in formation in clear text

C. SNMPv2 is insecure because it send information in clear text

D. SNMPv3 is a Cisco proprietary protocol

E. SNMPv2 is secure because you can configure authentication and privacy

查看答案解析

【多选题】

Which two actions can a zone- based firewall apply to a packet as it transits a zone pair？___

A. drop

B. inspect

C. queue

D. quarantine

查看答案解析

【单选题】

Which security principle has been violated if data is altered in an unauthorized manner？___

A. accountability

B. confidentiality

C. availability

D. integrity

查看答案解析

【单选题】

Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ？___

A. encryption

B. authentication

C. group

查看答案解析

【单选题】

Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___

A. username Operator privilege 7 password cisco

B. username Operator privilege 1 password cisco

C. username Operator privilege 15 password cisco

D. username Operator password cisco privilege 15

查看答案解析

【单选题】

Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates？___

A. EAP-TLS

B. EAP-MSCHAPv2

C. EAP-PEAP

E. AP-GTC

查看答案解析

【单选题】

What is a limitation of network-based IPS？___

A. It must be in dividually configured to support every operating system on the network.

B. It is most effective at the in dividual host level

C. It is unable to monitor attacks across the entire netw ork

D. Large installations require numerous sensors to fully protect the network

查看答案解析

【单选题】

When would you configure the ip dhcp snooping trust command on a sw itch？___

A. when the switch is connected to a DHCP server

B. when the switch is working in an edge capacit

C. when the switch is connected to a client system

D. when the switch is serving as an aggregator

查看答案解析

【单选题】

How does the 802. 1x supplicant communicate with the authentication server？___

A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.

B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.

C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server

D. The supplicant creates

E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.

查看答案解析

【单选题】

Which command do you enter to verify the phase I status of a VPN connection？___

A. sh crypto se ssion

B. debug crypto isakmp

C. sh crypto isakmp sa

D. sh crypto ipsec sa

查看答案解析

【单选题】

Refer to the exhibit. what is the e ffect of the given configuration？___

A. It enables authentication，

B. It prevents keychain authentication.

C. The two routers receive normal updates from one another.

D. The two device s are able to pass the message digest to one another.

查看答案解析

【单选题】

Which command can you enter to configure OSPF to use hashing to authenticate routing updates？___

A. ip ospf aut hentication message-digest

B. neighbor 192 168.0 112 cost md5

C. ip ospf priority 1

D. ip ospf aut hentication-key

查看答案解析

【单选题】

Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___

A. show secure bootset

B. secure boot-image

C. show binary file

D. ure boot-config

查看答案解析

【单选题】

A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack？___

A. network-based access control rule

B. reputation-based

C. user-ba sed access control rule

D. botnet traffic filter

查看答案解析

【单选题】

What does the policy map do in CoPP？___

A. defines service parameters

B. defines packet selection parameters

C. defines the packet filter

D. define s the action to be performed

查看答案解析

【单选题】

How is management traffic isolated on a Cisco ASR 1002？___

A. Traffic isolation is done on the vlan level

B. There is no management traffic isolation on a Cisco ASR 1002

C. Traffic is isolated based upon how you configure routing on the device

D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table

查看答案解析

【单选题】

Which statement about NaT table evaluation in the asa is true？___

A. After-auto NAT polices are appl d first

B. Manual NAT policies are applied first

C. the asa uses the most specific match

D. Auto NAT policies are applied first

查看答案解析

【单选题】

Which information can you display by executing the show crypto ipsec sa command？___

A. ISAKMP SAs that are established between two peers

B. recent changes to the IP address of a peer router

C. proxy infor mation for the connection between two peers

D. IPsec SAs established between two peers

查看答案解析

【单选题】

How can you prevent NAT rules from sending traffic to incorrect interfaces？___

A. Assign the output interface in the NAT statement

B. Add the no-proxy-arp command to the nat line.

C. Configure twice NAT instead o bject NAT. 5

D. Use packet-tracer rules to reroute misrouted NAT entries.

查看答案解析

【单选题】

What term can be defined as the securing， control， and identification of digital data？___

A. cryptography

B. crypto key

C. cryptoanalysis

D. cryptology

查看答案解析

【单选题】

Which feature in the dNS security module provide on and off network DNS protection？___

A. Data Loss Prevention

B. Umbrella

C. Real-time sandboxing

D. Layer-4 monitoring

查看答案解析

【单选题】

Which a dverse consequence can occur on a network without BPDu guard ?___

A. The olde st switch can be elected as the root bridge

B. Unauthorized switches that are connected to the network can cause spanning-tree loops

D. ouble tagging can cause the switches to experience CAM table overload.

查看答案解析

【单选题】

What configuration is required for multitenancy ?___

A. shared infrastructure

B. multiple carriers

C. co-located resources

D. multiple separate zones

查看答案解析

【单选题】

Why does ISE require its own certificate issued by a trusted CA？___

A. ISEs certificate allows guest devices to validate it as a trusted network device

B. It generates certificates for guest devices ba sed on its own certificate

C. It requests certificates for guest devices from the Ca server based on its own certificate.

D. ISE's certificate allows it to join the network security framework

查看答案解析

【单选题】

which attack involves large numbers of ICMP packets with a spoofed source IP address？___

A. smurf attack

B. Teardrop attack

C. Nuke attack

D. SYN Flood attack

查看答案解析

【单选题】

Which statement about interface and global access rules is true？___

A. Interface access rules are processed before global access rules.

B. Global access rules apply only to outbound traffic， but interface access rules can be applied in either direction

C. The implicit allow is proce ssed after both the global and interface access rules

D. If an interface access rule is applied， the global access rule is ignored

查看答案解析

【单选题】

Which type of malicious software can create a back-door into a device or network？___

A. bot

B. worm

C. virus

D. Trojan

查看答案解析

【单选题】

Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset？___

A. threat

B. risk

C. countermeasure

D. vulnerability

查看答案解析

推荐试题

【单选题】

光分纤箱二维码标签应粘贴于光分纤箱箱体门板（）位置。___

A. 外部右方

B. 外部上方

C. 内部右方

D. 内部上方

查看答案解析

【单选题】

光功率计上的dB表示（）？___

A. 相对功率值

B. 绝对功率值

C. 相对电平值

D. 绝对电平值

查看答案解析

【单选题】

光功率衰减的单位是（）。___

A. dbm

B. db

查看答案解析

【单选题】

光交箱二维码标签应粘贴于光交箱箱体门板（）位置。___

A. 外部右方

B. 外部上方

C. 内部右方

D. 内部上方

查看答案解析

【单选题】

光缆传输线路的衰耗可使用稳定光源和（）进行测试。___

A. 信号分析仪

B. 红光笔

C. 光功率计

D. ＯＴＤＲ

查看答案解析

【单选题】

光缆传输线路的长度可使用（）进行测试。___

A. 信号分析仪

B. 光功率计

C. 稳定光源

D. ＯＴＤＲ

查看答案解析

【单选题】

光缆交接箱保护接地地线的阻值应不大于（）。___

A. 1Ω

B. 4Ω

C. 5Ω

D. 10Ω

查看答案解析

【单选题】

光缆如需开孔引入户内时，需要开墙孔应征得（）的同意，并确保墙孔两端的安全和美观。___

A. 营业厅

B. 同事

C. 用户朋友

D. 用户

查看答案解析

【单选题】

光猫LOS亮红灯是由于（）引起___

A. 线路故障

B. 光猫故障

C. 电源故障

D. 电脑故障

查看答案解析

【单选题】

光猫登录超级用户名为CMCCAdmin，密码为（）。___

A. aDm8H%MdA

B. admin

C. aDm8H%Mda

D. aDm8H*MdA

查看答案解析

【单选题】

光纤到户的英文缩写为（）。___

A. FTTB

B. FTTN

C. FTTH

D. FTTC

查看答案解析

【单选题】

机顶盒的网络设置不包括（）。___

A. 无线连接

B. 有线连接

C. PPPPE

D. PPPOE

查看答案解析

【单选题】

机顶盒上的AV接口是接:___

A. 电源线

B. 游戏手柄

C. U盘

D. 电视机

查看答案解析

【单选题】

机动车必须购买（）保险。___

A. 强制

B. 商业

C. 意外

D. 责任

查看答案解析

【单选题】

集中故障处理结果不包括（）。___

A. 已解决

B. 无法解决

C. 无需解决

D. 延期解决

查看答案解析

【单选题】

集中故障处理结果分为（）、延期解决、无需解决三种。___

A. 已解决

B. 计划解决

C. 暂无法解决

查看答案解析

【单选题】

家客开通装移机工单，农村区域用户装机时限为（）小时。___

A. 24

B. 36

C. 48

D. 72

查看答案解析

【单选题】

家客开通装移机工单到达开通预约环节，装维人员应在（）小时内完成预约用户工作。___

A. 1

B. 2

C. 3

D. 4

查看答案解析

【单选题】

家客掌上运维APP投诉回单的处理结果分为已解决和（）。___

A. 暂无法解决

B. 无需解决

C. 计划解决

D. 预约解决

查看答案解析

【单选题】

家客装维8小时装维服务承诺的时段是（）。___

A. 8:00-12:00

B. 8:00-14:00

C. 8:00-15:00

D. 8:00-18:00

查看答案解析

【单选题】

家客装维作业中发生事故的第一危险因素为___

A. 触电

B. 高空坠落

C. 交通意外

D. 中毒

查看答案解析

【单选题】

家庭光宽带下行信号光波长为（）。___

A. 1490nm

B. 850nm

C. 1310nm

D. 1550nm

查看答案解析

【单选题】

家庭宽带业务开通是指家庭宽带业务在（）的开通相关工作。___

A. 用户侧

B. 用户电脑

C. 机房

D. ONU

查看答案解析

【单选题】

家庭宽带装机过程中，遇到无入户线小区必须采用（）制的户线布放原则。___

A. 一户一线

B. 二户一线

C. 一线二户

D. 一线三户

查看答案解析

【单选题】

家庭宽带装机回访满意度挑战值为（）。___

A. ≥85%

B. ≥90%

C. ≥92%

D. ≥95%

查看答案解析

【单选题】

家庭网关的工作模式不包括以下哪种。（）___

A. 路由

B. 桥接

C. PPPOE

D. PPPOA

查看答案解析

【单选题】

家用路由器的路由设置可分为两类，一类是设置为PPOE拨号，另一类是设置为（）。___

A. 热点分享

B. 无限接入

C. 有限接入

D. 自动获取

查看答案解析

【单选题】

驾驶电动车或摩托车在夜间行驶，应当打开（）。___

A. 车灯

B. 警示灯

C. 双闪灯

D. 手机

查看答案解析

【单选题】

驾驶摩托车需要携带驾驶证和（）。___

A. 道路通行证

B. 行驶证

C. 上岗证

D. 身份证

查看答案解析

【单选题】

驾驶人在道路上驾驶机动车时需要携带（）和行驶证。___

A. 驾驶证

B. 道路通行证

C. 身份证

D. 工作证

查看答案解析

【单选题】

检测用户的无线信道是否有干扰，WIFI信号强弱。在手机中下载一个WIFI分析仪APP，检测WIFI信号和信道的强弱，指导用户正确的WIFI信道设置，其中WIFI信号不低于（），上网质量会较好，WIFI的信道选择干扰较小的信道为宜(推荐靠后选项的信道)。___

A. -46dbm

B. -56dbm

C. -66dbm

D. -76dbm

查看答案解析

【单选题】

建立一个PPPoE会话包括会话阶段和（）两个阶段。___

A. 判定阶段

B. 连接阶段

C. 发现阶段

D. 通信阶段

查看答案解析

【单选题】

建议用户将路由器放置在（）、阴凉、灰尘少的环境中使用，可延长设备使用寿命，并提升使用感知。___

A. 潮湿

B. 通风

C. 水气中

D. 干燥

查看答案解析

【单选题】

建议用户将路由器放置在阴凉、灰尘少、（）的环境中使用，可延长设备使用寿命并提升使用感知。___

A. 通风

B. 黑暗

C. 封闭

D. 死角

查看答案解析

【单选题】

交通规则是（）停、绿灯行。___

A. 红灯

B. 黄灯

C. 绿灯

D. 闪烁灯

查看答案解析

【单选题】

近电预警器的音量变（）时，应更换电池。___

A. 小

B. 长

C. 短

D. 大

查看答案解析

【单选题】

近电预警器自检时正常状态应发出（）声嘀、嘀、嘀的响声。___

A. 1

B. 2

C. 3

D. 4

查看答案解析

【单选题】

客户端故障处理应遵循（)的原则。___

A. 先排障，后抢通

B. 先抢通，后排障

C. 距离远近

D. 客户要求

查看答案解析

【单选题】

客户端可以ping通127.0.0.1及本机的IP地址，但无法ping通同一网段内其他工作正常的计算机的IP地址，说明（）。___

A. TCP/IP协议能正常工作

B. 本机网卡能正常工作

C. 本机网络接口可能故障

D. 本机DNS服务器地址设置错误

查看答案解析

【单选题】

宽带拨号提示错误代码691时，以下处理方法正确的是：___

A. 确认用户名或密码是否输入正确，注意区分大小写

B. 检查用户宽带上网帐号试用期是否到期

C. 通过后台认证系统检查是否端口限制

D. 检查电脑是否中毒

查看答案解析